A few months ago I decided to look into the professional experience of non-executive directors at the major banks listed in Britain. Like almost every other major industry today, banking relies on hugely complex, enormously expensive technology. So I was curious as to whether the individuals charged with corporate governance would have any more than a layman’s knowledge of IT. I discovered that only one bank had a board member with some direct experience in technology and in that case it was as a sales executive.I’m afraid this is typical not just in banking but across most major industries. Technology is the most important agent of change today; hardly any industry is immune to both its value-creating and disruptive potential. Yet I perceive a large gap between the direct experience of non-executive directors and the experience required to challenge and support chairmen and CEOs in their quest to bring the best technology to their business.Executive directors are usually selected for their leadership qualities; they often have experience with generalized management or leadership experience rather than narrow expertise or technical acumen. Why should knowledge of IT be an exception?The truth is that many industries today employ outdated technology. Consumer banking is one — layers of technology have been implemented since the 1960s and almost nothing has been taken out. A total overhaul is required. There are countless other examples. Fax machines remain the preferred way to share health care data in most countries despite the fact that the cloud could theoretically allow clinicians to instantaneously share medical records. Chalk remains the technological tool of choice in most education settings. Utilities have only recently begun to add sensors throughout the electric grid and add smart meters in homes and business.The main reason for this lag is that the project horizon of most IT overhauls goes beyond executive tenures. The cost of overhauls can run into the billions of dollars, the risk of overruns and even failure is high, and that means than many executives kick technology refreshes into the tall grass. Of course, this leaves too many companies vulnerable to technology-fueled disruption. Few expected Apple to disrupt the music industry (with the iPod and iTunes), communication (with the iPhone) and now potentially consumer banking with ApplePay. Amazon dramatically impacted not just book shops but shopping; Google is now a verb. Who would argue against a future in which disruptive services continue to impact everything from healthcare to retail to personal finances?Only a multi-year, board-level sponsored effort can ensure a responsible IT overhaul. But without IT expertise at the director level, how can a board truly make an educated decision and, more importantly, follow it through until the end of the project, adapting the design of the overhaul over the course of years to take advantage of rapidly changing technology and consumer behavior?To ensure that corporate governance includes sufficient oversight of technology, I propose companies follow the following principles:

Hire a techie to your board. That is probably the most difficult task and it is very industry dependent but my recommendation would be to give priority to individuals with scars, with both successes and failures and who continue to be involved with technology. Technology moves too fast for “stale” talent, however well-regarded. In consumer industries I would give a huge premium to articulate young entrepreneurs who can rapidly educate the board. Be prepared to rotate this role at least every two years.

Don’t rely entirely on advisers. Many boards rely on technical advisers and consultants to assess their firm’s technology needs. Too often the corporate advice these advisers offer is generic. It’s often focused on the competitive environment — used to reassure management that it is not falling behind rivals. This leads to the predominance of the lowest common denominator.

Ask tough questions about technology spending. Using Moore’s Law, zero-based budgeting would call for technology spending to fall each year by about 30%; in most companies spending goes up by at least 5% each year. Part of the reason is that CIOs are not rewarded for taking out old code and old hardware; instead they “layer” old technology on top of ancient technology, bad on top of worse — which of course leaves their company vulnerable to new entrants that do not have any obsolete inheritances to deal with.

Understand the cyber threat. Unfortunately, new technology opens up vulnerabilities even as it creates value. Total security is not possible, but understanding the risk-benefit trade-off is essential. A recent survey by the Ponemon Institute, sponsored by Raytheon, found that 80% of boards do not even receive briefings on their company’s cyber security strategy. That number should be zero — and briefings should happen periodically to remain up to date.

Poor corporate governance remains a problem at many companies and is a complicated challenge that goes beyond a dearth of technology expertise. But this dearth of technology experts is one of the easiest problems to fix. Chairpersons should test their company’s preparedness to handle technological change by mapping current and future challenges to their current non-executive directors’ pool. They will almost surely discover there is a gap between their team and their needs; the above steps can help them bridge the gap.

Jean-Louis Bravard is a non-executive board member for London and Partners, the official promotional organisation for London and the Chairman for DotLondon. He is an active investor in and adviser to several European and US technology ventures.

Last week, BlueSynergy launched a complimentary webinar with tremendous success. This webinar was touted by many participants as "exactly what we needed" and "full or great information". This webinar is designed and delivered to add understanding and context to DNVGL hospitals on their transition journey to ISO 9001:2015.

This FREE webinar will cover three (3) important aspects of the newly released ISO 9001-2015. We will discuss effective transition planning, to ensure that you create a realistic plan that will meet your resource and requirements, as well as those of DNV-GL and your patients. We will also cover some of the most important changes to ISO 9001 from the 2008 version to the newly released 2015 version. Finally, we will discuss risk-based thinking, a new requirement that will enhance your hospital’s patient safety focus. These three aspects of your transition are key to your continued success.

These FREE webinars are limited to twenty (20) participants per session.

​To find out more about, click on the "Education/Webinars" tab above and select "FREE Webinars".

From Healthcare Finance- Oct-19-2015​Cyberattacks could cost healthcare providers $305 billion in next 5 years, report says One out of every 13 patients will have sensitive financial data stolen from their healthcare provider's IT systems, Accenture reportsays.Mike Miliard

Over the next five years, U.S. health systems stand to lose a total of $305 billion from coordinated cyberattacks, according to a new report by Accenture. Even worse, their patients are at big financial risk themselves.The report – The $300 Billion Attack: The Revenue Risk and Human Impact of Healthcare Provider Cyber Security Inaction – predicts that 25 million people, one out of every 13 patients, will have sensitive financial data stolen from their healthcare provider's IT systems over the next half-decade."What most health systems don't realize is that many patients will suffer personal financial loss as a result of cyberattacks on medical information," said Kaveh Safavi, MD, managing director of Accenture's global healthcare business, in a statement. "If healthcare providers are complacent to safeguarding personal information, they'll risk losing substantial revenues and patients as a result of medical identity theft."[Also:Healthcare finance tips for safeguarding against cyberattacks]Out of the patients likely to be affected by healthcare-provider data breaches over the next five years, 25 percent of patients (six million people) will subsequently become victims of medical identity theft. Some 16 percent of the affected patients (four million people) will be victimized and pay out-of-pocketcosts approaching $56 billion over the same time period.Unlike credit card identity theft, where card issuers are generally on the hook for customer losses of $50 or more, medical identity theft often leaves its victims with no automatic recourse to recoup their losses, Safavi points out.Nonetheless, despite the risks, Accenture research points to a "significant gap" in providers' preparedness for ever-craftier cyber crooks."In the end, when a breach occurs, the goal is not to say 'what is our plan?' but, 'how is our plan working?'" he said.Twitter: @mikemiliardHITN​​

This week, BlueSynergy launched a complimentary webinar that will cover three (3) important aspects of the newly released ISO 9001-2015. We will discuss effective transition planning, to ensure that you create a realistic plan that will meet your resource and requirements, as well as those of DNV-GL and your patients. We will also cover some of the most important changes to ISO 9001 from the 2008 version to the newly released 2015 version. Finally, we will discuss risk-based thinking, a new requirement that will enhance your hospital’s patient safety focus. These three aspects of your transition are key to your continued success.

These FREE webinars are limited to twenty (20) participants per session.

​To find out more about, click on the "Education/Webinars" tab above and select "FREE Webinars".